On 2015-05-23, at 21:54, Mirimir wrote: > On 05/23/2015 07:47 AM, Alexis Wattel wrote: > > <SNIP> > >> From what I know, Mike Perry's article on hardening Android is the only >> viable *starting* point to secure an Android platform. >> >> Good luck fellas! > > It needs to be a dedicated device, with no links (money, accounts, > contacts, activities, etc) to ones true name. And as Mike notes, it > can't have a working cellular radio. Public WiFi only. > > <SNIP>
As this discussion has drifted away from the original topic, I changed the subject. I believe that the above warning against Android should really be understood as warning against mobile phones in general: Phones are powerful surveillance devices, easily exploitable by third parties. I don’t think that Android phones are worse than other smartphones in this respect. Please correct me if I’m wrong. As a matter of fact, people use smartphones anyways. Some readers here might say that smartphone users are doomed beyond help. I don’t agree. People may try to protect themselves (1) against targeted attacks and targeted espionage or (2) against mass surveillance. Both assume different threat models, yet frequently both are mixed up, which does not help. I agree that I’m doomed if I attempt (1) on my smartphone. In fact, I don’t think that many people are skilled enough to protect any kind of device with Internet connection against targeted attacks. Thinking of Stuxnet, I don’t believe that there are many devices which can be protected against targeted attacks at all (regardless of network connections). Now, if we mix up cases (1) and (2) it is easy to conclude that there is nothing one can do anyways. Resistance appears futile, so it’s reasonable to resign and submit to the destruction of our privacy. It’s the convenient, lazy route, apparently justified by expert advice. So, let’s consider both cases separately. Let’s forget about (1). We are left with (2), mass surveillance, which as the name suggests affects the masses and should be everybody’s concern. Mass surveillance is based on bulk data collection, where it’s easy to see who communicates where and when with whom, potentially about what. I hope that Tor is a useful tool against mass surveillance. It’s probably safe to say that with Tor it is not “easy” any more to see who communicates where and when with whom. Tor users do not offer this information voluntarily, they resist actively. And it does not matter on what devices people use Tor. Mass surveillance becomes harder in any case. So, please, be careful whom you warn how against the use of mobile phones. Too many people are indifferent to mass surveillance already. Do not join the chorus to mislead the masses in believing that resistance is futile. You may suggest to throw away mobile phones, of course. I would not expect more than disbelieve, shock, or laughter in response. Alternatively, you may want to explain other measures—which also work on phones: Use decentralized services, use alternative search engines, encrypt communication, anonymize communication. Best wishes Jens -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
